KILOBYTE takes your privacy seriously. All personal data is collected, stored, processed, disclosed and shredded in accordance with the Personal Data Processing Act (the Personal Data Act) and the EU's Privacy Regulation (GDPR). This privacy statement explains in detail how we process personal information.
Who we are
The unit responsible for processing is KILOBYTE AS, a Norwegian joint-stock company with an organization number NO 828871242 MVA
How to contact us
Our contact information:
+47 900 899 44
Personal information we collect from you
There are five categories of data we collect from you that contain personal information
Customer contact data
Information you provide to us to identify the customer relationship and optional invoice contact in connection with ordering services from us. This includes name, address, telephone number and email address.
Contact data for domain names
Information you provide to us to register domains. These are used for registrant contact for the domains. This includes name, address, telephone number and email address.
Some top-level domains require additional information to register domain names:
- For Norwegian citizens who apply for a .no domain, a personal identity number is obtained and stored at the register unit for .no, Norid, and a PID number is issued. KILOBYTE only processes the PID number and not the social security number associated with the PID number.
- Registration of a few top-level domains requires that you provide your social security number or passport number and nationality, as well as who issued the passport and date of issue.
Automatically collected data
This is data that you do not provide to us directly, but which we collect automatically when you or the users of your hosting services communicate with our servers. This includes web server logs, email server logs, and other automatically generated server logs. These logs can contain times, IP addresses, email addresses, names, phone numbers and HTTP headers which in turn can contain browser type, previously visited URL and language settings.
Credit card information is not stored in our systems, but at Stripe, Inc. For payments via online banking, the name, address, payment date, account number from which payment was made and KID / message are stored.
Why we collect personal information
The purpose of collecting personal information is:
- to identify you as a customer of KILOBYTE and a party to our Service Agreement
- to identify the registrant for domain names in accordance with the terms of the relevant top level domain
If you do not consent to the collection of personal data, or if you later withdraw the consent, we can not fulfill our contractual obligations with you, with the registry units, and we can not offer you services related to domains.
How your personal information is used
Customer contact data
The contact information is used to send you invoices, renewal notices, annual reminders to keep your contact information up to date and other messages, as necessary to fulfill our contractual obligations with you and with registry entities.
Contact data for domain names
The contact information is used by the registry to identify the registrant for domain names. The Registry may publish the contact information, in part or in full, in the WHOIS database, depending on the terms of the top-level domain in question. The reason for this is that one should be able to have a way to contact people who are responsible for domain names. Examples where this is relevant are, for example, if there are technical problems with the domain, the domain is misused for spam, fraud or criminal activities or if there is a dispute about third party rights to the domain.
Automatically collected data
Such data is used to maintain, protect and improve our services and provide you with a better support experience. It is also used to detect, prevent or otherwise address fraud, security and technical issues.
The payment information stored is used to identify who payments have been made for, as well as in connection with support related to payment of invoices or refunds of payment transactions.
How to access and update your personal information
You can access and change your contact data for the customer relationship, as well as your domains via the customer pages via our website. You can also choose how we send you an invoice, as well as add your own invoice contact. Contact data that is optional can also be removed from both the customer relationship and domain name.
How we share your personal information with others
For .no (and all subdomains of .no) and .se, we share your domain name data with the top-level domain registry to the extent necessary to perform the domain registration or administration. For all other top-level domains, we share your domain name data with Realtime Register B.V. to the extent this is necessary to be able to perform registration or administration of the domain. Realtime Register B.V. further shares your domain name data to the top-level domain registry to the extent necessary to perform domain registration or administration.
We may disclose personal information to the Norwegian police or other public authority if we are presented with a seizure decision, court order or other similar requirement for disclosure of information.
Disclosure of personal data to countries outside the EU / EEA
Rapid Web Services, LLC is located in the United States and meets the requirements of the EU-US privacy shield. All information is sent securely and encrypted.
How we delete your personal information
Personal information that is no longer necessary for the purpose for which it is stored will be deleted continuously.
We store personal information about customers in accordance with current legislation. When you delete or cancel services, some personal information will remain stored to the extent necessary to protect legal rights or legal requirements for documentation.
If you want us to delete personal information stored by third parties such as Facebook, Instagram and the like, you can contact support via our regular support channels and we will help you with this.
Automatic decisions based on personal data
Personal information you submit to us goes through a number of automated checks. Information that does not pass the inspections can be rejected directly so that you are told to enter the correct information, or be flagged for manual inspection or follow-up. For example, we check if the name, address and other only contain characters that are accepted, or the postcode is checked against the correct postal address.
You have the right to data portability. This means that you can take your personal information with you in a machine-readable format.
All contact information related to your domain can be found in the registry's central domain database in a standardized format. Therefore, if you decide to move the domain to another provider, all the information will be automatically transferred to your new registrar using the EPP protocol.
How long we store your personal information
Personal information related to invoices and payment is retained for at least 5 years, as required by Norwegian accounting legislation. Your personal information related to customer contact is stored as long as you are a customer with us, and for at least 3 years after the services and customer relationship have ended. Your personal information related to domain names is stored as long as the domain is registered.
Processing of personal data not covered by this privacy statement
Personal information that you or your users submit, upload, transfer, store or process on the hosting services that KILOBYTE offers is not covered by this privacy statement. This includes, for example, personal information that you or your users store in databases, websites, files or emails. KILOBYTE is not responsible for the processing of such personal data, only the data processor. As the data controller, you are responsible for handling all such personal data in accordance with applicable laws and regulations on privacy. If necessary, you must design and publish your own privacy statement which includes the personal information you exchange with the users of your website or with your e-mail correspondents. See our Data Processor Agreement for further information on how KILOBYTE processes and protects personal data for our hosting services.
Your right to complain
If you are a resident in the EU or EEA, and you believe that our use and processing of your personal data is contrary to the Personal Data Act, GDPR or other applicable legislation, you have the right to complain to the Norwegian Data Protection Authority or to the corresponding supervisory authority in the country in which you reside.
Changes to the privacy statement
You accept that we reserve the right to make changes to the Privacy Statement on an ongoing basis. If we make important changes to the privacy statement, we will inform you here, by email or by means of a notice on our website, at least thirty (30) days before the changes take effect.